package com.java.cfpaying.config;

import com.java.jwt.filter.utils.filter.JwtAuthenticationFilters;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


/**
 * @author 陈烽
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityWebConfig extends WebSecurityConfigurerAdapter {

//    private final CustomAccessDeniedHandler customAccessDeniedHandler;
//
//    @Autowired
//    public SecurityWebConfig(CustomAccessDeniedHandler customAccessDeniedHandler) {
//        this.customAccessDeniedHandler = customAccessDeniedHandler;
//    }

//    @Bean
//    public JwtAuthenticationFilter getJwtAuthenticationFilter() throws Exception {
//        return new JwtAuthenticationFilter(authenticationManager());
//    }

    @Bean
    public JwtAuthenticationFilters getJwtAuthenticationFilter() throws Exception {
        return new JwtAuthenticationFilters(authenticationManager());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.cors().and().csrf().disable().authorizeRequests()
                .antMatchers("/user1/getJwt").permitAll()
//                .antMatchers("/api/intention").permitAll()
                .antMatchers("/user1/**").authenticated()
                .anyRequest().permitAll()
                .and()
//                .exceptionHandling().accessDeniedHandler(customAccessDeniedHandler)
//                .and()
                .addFilter(new JwtAuthenticationFilters(authenticationManager()));
    }

}
